/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package org.siscoh.controller;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 *
 * @author israel
 */
public class ControlePermissao {
    
    public static boolean possuiPermissao(HttpServletRequest request, HttpServletResponse response)
    {
        HttpSession session = request.getSession(false);
        /*
        int permissaoMinima = (request.getParameter("minper") == null ? 0 :
                Integer.parseInt(request.getParameter("minper")));*/
        
        int permissaoMinima = (request.getAttribute("minper") == null ? 0 :
                (Integer)request.getAttribute("minper" ));
        
        if (session != null && session.getAttribute("permissao") != null && session.getAttribute("user") != null) {
            int permissao = (Integer) session.getAttribute("permissao");
            if (permissao < permissaoMinima) {
                try {
                    //sair = "1";
                    response.sendRedirect("/403.html");
                    //out.flush();
                    //out.flush();
                } catch (IOException ex) {}
                finally
                {
                    return false;
                }
            }
        } else {
            try {
                response.getWriter().flush();
                response.sendRedirect("/403.html");
                //sair = "1";
                //out.flush();
                //out.flush();
            } catch (IOException ex) {}
            finally
            {
                return false;
            }
        }
        
        return true;
    }
    
}
